Spending Your Budget on the Right Security Tools
-
Spending Your Budget on the Right Security Tools
The cost of cyber-crime increases, yet firms still misdirect their priorities by spending on ineffective security tools instead of investing in new technologies. -
Successful Breaches Per Company
Successful breaches per company have risen 27% annually, from an average of 102 to 130. Ransomware attacks alone have doubled from 13% to 27%. -
Information Loss Was Largest
Information loss represented the largest cost component, rising from 35% in 2015 to 43% in 2017. -
Spending Too Much On Wrong Tech
Of nine security technologies, five had a negative value gap: The percentage spending level was higher than the relative value to the business. Advanced perimeter controls: -4, Extensive use of data loss prevention: -4, Deployment of governance, risk, compliance: -3, Extensive deployment of encryption: -2, Automated policy management: -1 -
Technologies That Help
Three technologies had positive rank ordering by spending levels and cost savings. Security intelligence systems: +6, Use of cyber-analytics and user behavior analytics: +5, Automation, orchestration and machine learning: +3, Advanced identity and access governance: = -
Widely Deployed Security Tech
The two most widely deployed security technologies are security intelligence systems (67%) and advanced identity and access governance (63%). They deliver cost savings of $2.8 million and $2.4 million, respectively. -
No Fast Tracks
Spending on governance, risk and compliance technologies and automated policy management is not a fast track to increased security. They showed the lowest effectiveness in reducing cyber-crime costs (9% and 7%, respectively) out of nine security technologies. -
Focus on Tech Innovations
Innovative technologies are generating the highest ROIs, yet investment in them is low. Cyber-analytics and user behavior analytics, as well as automation orchestration and machine learning ranked lowest for deployment (32% and 28%, respectively), but they provide the third and fourth highest cost savings. -
Recommendation
Build cyber-security on a strong foundation. Invest in security intelligence and advanced access management, and recognize the need to innovate. -
Recommendation
Perform extreme pressure testing. Don't rely on compliance alone to enhance your security profile. Use extreme pressure testing to identify even the most highly motivated attacker. -
Recommendation
Invest in innovation. Balance investments in analytics and artificial intelligence to enhance program effectiveness and scale value.
Companies worldwide are hemorrhaging money as a result of cyber-attacks and misdirected investments in inefficient and ineffective security capabilities, according to a new report. These companies are losing as much is $11.7 million per business annually. That's an increase of 62 percent in five years and $2.4 million per incident, according to the research report published by Accenture and the Ponemon Institute. The report, "2017 Cost of Cyber-Crime Study," found that the number of cyber-attacks has shown "no sign of slowing down" since 2009. "As this research shows, making wise investments in innovation can certainly help make a significant difference when cyber-criminals strike," said Kelly Bissell, managing director of Accenture Security. "Keeping pace with these more sophisticated and highly motivated attacks demands that organizations adopt a dynamic, nimble security strategy that builds resilience from the inside out—versus only focusing on the perimeter—with an industry-specific approach that protects the entire value chain, end to end." The report surveyed 2,182 security and IT professionals over a 10-month period in 254 organizations in Australia, France, Germany, Italy, Japan, the United Kingdom and the United States.